package org.smart4j.plugin.security.password;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.smart4j.framework.util.CodecUtil;

/**
 * description: new java files...TODO
 * @version v1.0
 * @author w
 * @date 2018年11月4日下午10:49:04
 **/

public class Md5CredentialsMatcher implements CredentialsMatcher {
	
	/**
	 * @param AuthenticationInfo 数据库中 存储的密码信息 
	 * @param AuthenticationToken 用户表单提交的密码信息
	 */
	@Override
	public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
		// 获取表单中提交的密码信息 --- 未加密
		String submitPWD = String.valueOf(((UsernamePasswordToken)token).getPassword());
		// 获取数据库中已经加密的密码 --- MD5 加密
		String encrypted = String.valueOf(info.getCredentials());
		return CodecUtil.md5(submitPWD).equals(encrypted);
	}

}
